diff options
| author | Koen Kooi <koen@dominion.thruhere.net> | 2011-05-31 20:33:24 +0200 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2011-06-02 14:55:54 +0100 |
| commit | 08bac9fb256ebb0b538b0550040f340af539bafe (patch) | |
| tree | 035697a273c73ccf3109a980bc777409442877d7 | |
| parent | d8f87522b6d93c49c87ac90323918353bd75499e (diff) | |
| download | poky-08bac9fb256ebb0b538b0550040f340af539bafe.tar.gz | |
shadow: remove selinux entry from pam.d/login
SElinux has been disabled in the recipe, leading to messages like this:
[ 167.643218] login[312]: PAM unable to dlopen(/lib/security/pam_selinux.so): /lib/security/pam_selinux.so: cannot open shared object file: No such file or directory
[ 167.670837] login[312]: PAM adding faulty module: /lib/security/pam_selinux.so
(From OE-Core rev: b90e9c2318fc421f37c57788ece54ce791a90b62)
Signed-off-by: Koen Kooi <koen@dominion.thruhere.net>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
| -rw-r--r-- | meta/recipes-extended/shadow/files/pam.d/login | 7 | ||||
| -rw-r--r-- | meta/recipes-extended/shadow/shadow.inc | 2 |
2 files changed, 2 insertions, 7 deletions
diff --git a/meta/recipes-extended/shadow/files/pam.d/login b/meta/recipes-extended/shadow/files/pam.d/login index e41eb04ec1..e4dacc2264 100644 --- a/meta/recipes-extended/shadow/files/pam.d/login +++ b/meta/recipes-extended/shadow/files/pam.d/login | |||
| @@ -26,13 +26,6 @@ auth [success=ok ignore=ignore user_unknown=ignore default=die] pam_secur | |||
| 26 | # (Replaces the `NOLOGINS_FILE' option from login.defs) | 26 | # (Replaces the `NOLOGINS_FILE' option from login.defs) |
| 27 | auth requisite pam_nologin.so | 27 | auth requisite pam_nologin.so |
| 28 | 28 | ||
| 29 | # SELinux needs to be the first session rule. This ensures that any | ||
| 30 | # lingering context has been cleared. Without out this it is possible | ||
| 31 | # that a module could execute code in the wrong domain. | ||
| 32 | # When the module is present, "required" would be sufficient (When SELinux | ||
| 33 | # is disabled, this returns success.) | ||
| 34 | session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close | ||
| 35 | |||
| 36 | # This module parses environment configuration file(s) | 29 | # This module parses environment configuration file(s) |
| 37 | # and also allows you to use an extended config | 30 | # and also allows you to use an extended config |
| 38 | # file /etc/security/pam_env.conf. | 31 | # file /etc/security/pam_env.conf. |
diff --git a/meta/recipes-extended/shadow/shadow.inc b/meta/recipes-extended/shadow/shadow.inc index 42f92a7f4e..35bd6a881b 100644 --- a/meta/recipes-extended/shadow/shadow.inc +++ b/meta/recipes-extended/shadow/shadow.inc | |||
| @@ -6,6 +6,8 @@ LICENSE = "BSD | Artistic" | |||
| 6 | LIC_FILES_CHKSUM = "file://COPYING;md5=08c553a87d4e51bbed50b20e0adcaede \ | 6 | LIC_FILES_CHKSUM = "file://COPYING;md5=08c553a87d4e51bbed50b20e0adcaede \ |
| 7 | file://src/passwd.c;firstline=8;endline=30;md5=2899a045e90511d0e043b85a7db7e2fe" | 7 | file://src/passwd.c;firstline=8;endline=30;md5=2899a045e90511d0e043b85a7db7e2fe" |
| 8 | 8 | ||
| 9 | PR = "r1" | ||
| 10 | |||
| 9 | PAM_PLUGINS = " libpam-runtime \ | 11 | PAM_PLUGINS = " libpam-runtime \ |
| 10 | pam-plugin-faildelay \ | 12 | pam-plugin-faildelay \ |
| 11 | pam-plugin-securetty \ | 13 | pam-plugin-securetty \ |